Value of OpenChain for different sectors - creating one sentence explanation of value


Shane Coughlan <coughlan@...>
 

Dear all

This was a thought experiment from a while back that I believe may be useful to revisit. Input most welcome.

Consumer Electronics
OpenChain helps the suppliers provide hardware, software or integrated components while following key international Open Source license compliance processes.

Automotive
OpenChain helps Tier 1, 2 and 3 suppliers to adopt key international Open Source license compliance processes.

Enterprise
OpenChain helps to ensure that suppliers of all sizes adhere to key international Open Source license compliance processes.

SaaS
- Help wanted!

IoT
- Help wanted!

Regards

Shane

--
Shane Coughlan
OpenChain Project Director
e: coughlan@...
p: +81 (0) 80 4035 8083
w: www.openchainproject.org

Professional profile: http://www.linkedin.com/in/shanecoughlan

Get my free book on open source compliance here:
https://www.linuxfoundation.org/news-media/research/practical-gpl-compliance


Matija Šuklje
 

On sreda, 23. maj 2018 09:57:28 CEST Shane Coughlan wrote:
SaaS
- Help wanted!
How about something in the line:
“OpenChain helps SaaS providers to provide the needed information on their
client-side software in order to comply with the key international Open Source
license compliance processes.”

…I’m not 100% happy with it, but offer it for butchering.

For the reasoning behind it, I’m copying from my reply from the openchain-
specs list re FOSS compliance risks in SaaS:

SaaS:
• least risky, as code is in generally not distributed (NB: AGPL, EUPL)
• caveat: client-side (e.g. JavaScript) code is still traditionally
distributed, and as such fits in that category
• (ultra-LTS is not very likely)


cheers,
Matija Šuklje
--
gsm: +386 41 849 552
www: http://matija.suklje.name
xmpp: matija.suklje@...
sip: matija_suklje@...


Gary O'Neall
 

For SaaS - the client-side software is the most common and compelling reason to use OpenChain. My only suggestion is to elaborate a bit more on "client-side software". I would propose adding "(e.g. browser-based software or agents downloaded by the user)".

There are two other less common situations requiring open source policy updates which my clients have run into:
- Deciding to offer an "on premise" solution for security sensitive customers where the server software is deployed to their customer premises
- A sale/acquisition involving the transfer of assets which would include the server-side software

I don't know if either of these are common enough to include, but I though I would put them out there for consideration.

Gary

-----Original Message-----
From: openchain-bounces@... <openchain-
bounces@...> On Behalf Of Matija Šuklje
Sent: Friday, May 25, 2018 8:11 AM
To: openchain@...
Subject: Re: [OpenChain] Value of OpenChain for different sectors - creating
one sentence explanation of value

On sreda, 23. maj 2018 09:57:28 CEST Shane Coughlan wrote:
SaaS
- Help wanted!
How about something in the line:
“OpenChain helps SaaS providers to provide the needed information on
their client-side software in order to comply with the key international
Open Source license compliance processes.”

…I’m not 100% happy with it, but offer it for butchering.

For the reasoning behind it, I’m copying from my reply from the openchain-
specs list re FOSS compliance risks in SaaS:

SaaS:
• least risky, as code is in generally not distributed (NB: AGPL, EUPL) •
caveat: client-side (e.g. JavaScript) code is still traditionally distributed, and
as such fits in that category • (ultra-LTS is not very likely)


cheers,
Matija Šuklje
--
gsm: +386 41 849 552
www: http://matija.suklje.name
xmpp: matija.suklje@...
sip: matija_suklje@...

_______________________________________________
OpenChain mailing list
OpenChain@...
https://lists.linuxfoundation.org/mailman/listinfo/openchain


Jan Thielscher
 

Hi Gary,

I can confirm this to be a common case. Both situations appear quiet often.
I would want to add one more case: changing circumstances. there are only few projects I came across, that did not change scope over time. Parts of the solution suddenly should be shared with others, solution should be transferred to another legal entity, a solution should be shipped inside a VM,... 
without a structured approach, it is an enormous effort to clarify options and consequnces.

Mit freundlichem Gruß / kind regards
Jan Thielscher

EACG GmbH - s.a. http://www.eacg.de
T: +49 69 153 22 77 50

On 25. May 2018, at 17:56, Gary O'Neall <gary@...> wrote:

For SaaS - the client-side software is the most common and compelling reason to use OpenChain.  My only suggestion is to elaborate a bit more on "client-side software".  I would propose adding "(e.g. browser-based software or agents downloaded by the user)".

There are two other less common situations requiring open source policy updates which my clients have run into:
- Deciding to offer an "on premise" solution for security sensitive customers where the server software is deployed to their customer premises
- A sale/acquisition involving the transfer of assets which would include the server-side software

I don't know if either of these are common enough to include, but I though I would put them out there for consideration.  

Gary

-----Original Message-----
From: openchain-bounces@... <openchain-
bounces@...> On Behalf Of Matija Šuklje
Sent: Friday, May 25, 2018 8:11 AM
To: openchain@...
Subject: Re: [OpenChain] Value of OpenChain for different sectors - creating
one sentence explanation of value

On sreda, 23. maj 2018 09:57:28 CEST Shane Coughlan wrote:
SaaS
- Help wanted!

How about something in the line:
“OpenChain helps SaaS providers to provide the needed information on
their client-side software in order to comply with the key international
Open Source license compliance processes.”

…I’m not 100% happy with it, but offer it for butchering.

For the reasoning behind it, I’m copying from my reply from the openchain-
specs list re FOSS compliance risks in SaaS:

SaaS:
• least risky, as code is in generally not distributed (NB: AGPL, EUPL) •
caveat: client-side (e.g. JavaScript) code is still traditionally distributed, and
as such fits in that category • (ultra-LTS is not very likely)


cheers,
Matija Šuklje
--
gsm:    +386 41 849 552
www:    http://matija.suklje.name
xmpp:   matija.suklje@...
sip:    matija_suklje@...

_______________________________________________
OpenChain mailing list
OpenChain@...
https://lists.linuxfoundation.org/mailman/listinfo/openchain

_______________________________________________
OpenChain mailing list
OpenChain@...
https://lists.linuxfoundation.org/mailman/listinfo/openchain


Steve Cropper
 

Hi All:


Saas can also include compiled java applets that may be deployed to smart IOT devices.

Saas is also complicated by the growing number of package managers such as NPM and Composer, which I would include container technology like Docker in. These allow large numbers of interdependent packages to be downloaded in a very short timeframe mostly assumed to be MIT licensed.

Another issue that exists with JavaScript is minification. In order to make JavaScript deploy efficiently key code artifacts are often removed from original code pre deployment - essentially violating the MIT license. Guidance on how to solve for this may be worthwhile adding to Openchain.

Web site assets should not be overlooked. Integration of code with 
images, data (fonts, map info), video, audio etc. that is redistributed via client download would be worth highlighting as part of the standard.

Lastly, IOT can be aligned to some extent with Consumer electronics. Most IOT devices will likely be produced at scale by Asian based ODMs. This is probably the largest risk area for open source management and was the initial source of problems that Led to the Linksys lawsuit. Of course IOT is also enabled by Saas applications so there are potential integration management processes to consider.

Cheers
Steve

On Sun, May 27, 2018 at 11:20 Jan Thielscher <jan.thielscher@...> wrote:
Hi Gary,

I can confirm this to be a common case. Both situations appear quiet often.
I would want to add one more case: changing circumstances. there are only few projects I came across, that did not change scope over time. Parts of the solution suddenly should be shared with others, solution should be transferred to another legal entity, a solution should be shipped inside a VM,... 
without a structured approach, it is an enormous effort to clarify options and consequnces.

Mit freundlichem Gruß / kind regards
Jan Thielscher

EACG GmbH - s.a. http://www.eacg.de
T: +49 69 153 22 77 50

On 25. May 2018, at 17:56, Gary O'Neall <gary@...> wrote:

For SaaS - the client-side software is the most common and compelling reason to use OpenChain.  My only suggestion is to elaborate a bit more on "client-side software".  I would propose adding "(e.g. browser-based software or agents downloaded by the user)".

There are two other less common situations requiring open source policy updates which my clients have run into:
- Deciding to offer an "on premise" solution for security sensitive customers where the server software is deployed to their customer premises
- A sale/acquisition involving the transfer of assets which would include the server-side software

I don't know if either of these are common enough to include, but I though I would put them out there for consideration.  

Gary

-----Original Message-----
From: openchain-bounces@... <openchain-
bounces@...> On Behalf Of Matija Šuklje
Sent: Friday, May 25, 2018 8:11 AM
To: openchain@...
Subject: Re: [OpenChain] Value of OpenChain for different sectors - creating
one sentence explanation of value

On sreda, 23. maj 2018 09:57:28 CEST Shane Coughlan wrote:
SaaS
- Help wanted!

How about something in the line:
“OpenChain helps SaaS providers to provide the needed information on
their client-side software in order to comply with the key international
Open Source license compliance processes.”

…I’m not 100% happy with it, but offer it for butchering.

For the reasoning behind it, I’m copying from my reply from the openchain-
specs list re FOSS compliance risks in SaaS:

SaaS:
• least risky, as code is in generally not distributed (NB: AGPL, EUPL) •
caveat: client-side (e.g. JavaScript) code is still traditionally distributed, and
as such fits in that category • (ultra-LTS is not very likely)


cheers,
Matija Šuklje
--
gsm:    +386 41 849 552
www:    http://matija.suklje.name
xmpp:   matija.suklje@...
sip:    matija_suklje@...

_______________________________________________
OpenChain mailing list
OpenChain@...
https://lists.linuxfoundation.org/mailman/listinfo/openchain

_______________________________________________
OpenChain mailing list
OpenChain@...
https://lists.linuxfoundation.org/mailman/listinfo/openchain
_______________________________________________
OpenChain mailing list
OpenChain@...
https://lists.linuxfoundation.org/mailman/listinfo/openchain


Oliver Fendt
 

Hi all,

Shanes email, brought another topic to my mind.
How about all this "docker container shipping around the world" is license compliance when making docker container available to others also a topic for OpenChain?

Sorry if this was already discussed

Ciao
Oliver

-----Ursprüngliche Nachricht-----
Von: openchain-bounces@... [mailto:openchain-bounces@...] Im Auftrag von Shane Coughlan
Gesendet: Mittwoch, 23. Mai 2018 09:57
An: openchain@...
Betreff: [OpenChain] Value of OpenChain for different sectors - creating one sentence explanation of value

Dear all

This was a thought experiment from a while back that I believe may be useful to revisit. Input most welcome.

Consumer Electronics
OpenChain helps the suppliers provide hardware, software or integrated components while following key international Open Source license compliance processes.

Automotive
OpenChain helps Tier 1, 2 and 3 suppliers to adopt key international Open Source license compliance processes.

Enterprise
OpenChain helps to ensure that suppliers of all sizes adhere to key international Open Source license compliance processes.

SaaS
- Help wanted!

IoT
- Help wanted!

Regards

Shane

--
Shane Coughlan
OpenChain Project Director
e: coughlan@...
p: +81 (0) 80 4035 8083
w: www.openchainproject.org

Professional profile: http://www.linkedin.com/in/shanecoughlan

Get my free book on open source compliance here:
https://www.linuxfoundation.org/news-media/research/practical-gpl-compliance

_______________________________________________
OpenChain mailing list
OpenChain@...
https://lists.linuxfoundation.org/mailman/listinfo/openchain


Shane Coughlan <shanecoughlan@...>
 

Very cool start!

On May 25, 2018, at 22:10 , Matija Šuklje <matija@...> wrote:

On sreda, 23. maj 2018 09:57:28 CEST Shane Coughlan wrote:
SaaS
- Help wanted!
How about something in the line:
“OpenChain helps SaaS providers to provide the needed information on their
client-side software in order to comply with the key international Open Source
license compliance processes.”

…I’m not 100% happy with it, but offer it for butchering.

For the reasoning behind it, I’m copying from my reply from the openchain-
specs list re FOSS compliance risks in SaaS:

SaaS:
• least risky, as code is in generally not distributed (NB: AGPL, EUPL)
• caveat: client-side (e.g. JavaScript) code is still traditionally
distributed, and as such fits in that category
• (ultra-LTS is not very likely)


cheers,
Matija Šuklje
--
gsm: +386 41 849 552
www: http://matija.suklje.name
xmpp: matija.suklje@...
sip: matija_suklje@...

_______________________________________________
OpenChain mailing list
OpenChain@...
https://lists.linuxfoundation.org/mailman/listinfo/openchain


Shane Coughlan <coughlan@...>
 

Adding to Matija’s note we now have:
“OpenChain helps SaaS providers to provide the needed information on their
client-side software (e.g. browser-based software or agents downloaded by the user) in order to comply with the key international Open Source
license compliance processes.”

On May 26, 2018, at 24:55 , Gary O'Neall <gary@...> wrote:

For SaaS - the client-side software is the most common and compelling reason to use OpenChain. My only suggestion is to elaborate a bit more on "client-side software". I would propose adding "(e.g. browser-based software or agents downloaded by the user)".

There are two other less common situations requiring open source policy updates which my clients have run into:
- Deciding to offer an "on premise" solution for security sensitive customers where the server software is deployed to their customer premises
- A sale/acquisition involving the transfer of assets which would include the server-side software

I don't know if either of these are common enough to include, but I though I would put them out there for consideration.

Gary

-----Original Message-----
From: openchain-bounces@... <openchain-
bounces@...> On Behalf Of Matija Šuklje
Sent: Friday, May 25, 2018 8:11 AM
To: openchain@...
Subject: Re: [OpenChain] Value of OpenChain for different sectors - creating
one sentence explanation of value

On sreda, 23. maj 2018 09:57:28 CEST Shane Coughlan wrote:
SaaS
- Help wanted!
How about something in the line:
“OpenChain helps SaaS providers to provide the needed information on
their client-side software in order to comply with the key international
Open Source license compliance processes.”

…I’m not 100% happy with it, but offer it for butchering.

For the reasoning behind it, I’m copying from my reply from the openchain-
specs list re FOSS compliance risks in SaaS:

SaaS:
• least risky, as code is in generally not distributed (NB: AGPL, EUPL) •
caveat: client-side (e.g. JavaScript) code is still traditionally distributed, and
as such fits in that category • (ultra-LTS is not very likely)


cheers,
Matija Šuklje
--
gsm: +386 41 849 552
www: http://matija.suklje.name
xmpp: matija.suklje@...
sip: matija_suklje@...

_______________________________________________
OpenChain mailing list
OpenChain@...
https://lists.linuxfoundation.org/mailman/listinfo/openchain
_______________________________________________
OpenChain mailing list
OpenChain@...
https://lists.linuxfoundation.org/mailman/listinfo/openchain


Shane Coughlan <coughlan@...>
 

Perhaps this:
"OpenChain helps SaaS providers manage client-side, on-promise, M&A use cases in order to comply with the key international Open Source
license compliance processes.”

On May 27, 2018, at 19:20 , Jan Thielscher <jan.thielscher@...> wrote:

Hi Gary,

I can confirm this to be a common case. Both situations appear quiet often.
I would want to add one more case: changing circumstances. there are only few projects I came across, that did not change scope over time. Parts of the solution suddenly should be shared with others, solution should be transferred to another legal entity, a solution should be shipped inside a VM,...
without a structured approach, it is an enormous effort to clarify options and consequnces.

Mit freundlichem Gruß / kind regards
Jan Thielscher

EACG GmbH - s.a. http://www.eacg.de
T: +49 69 153 22 77 50

On 25. May 2018, at 17:56, Gary O'Neall <gary@...> wrote:

For SaaS - the client-side software is the most common and compelling reason to use OpenChain. My only suggestion is to elaborate a bit more on "client-side software". I would propose adding "(e.g. browser-based software or agents downloaded by the user)".

There are two other less common situations requiring open source policy updates which my clients have run into:
- Deciding to offer an "on premise" solution for security sensitive customers where the server software is deployed to their customer premises
- A sale/acquisition involving the transfer of assets which would include the server-side software

I don't know if either of these are common enough to include, but I though I would put them out there for consideration.

Gary

-----Original Message-----
From: openchain-bounces@... <openchain-
bounces@...> On Behalf Of Matija Šuklje
Sent: Friday, May 25, 2018 8:11 AM
To: openchain@...
Subject: Re: [OpenChain] Value of OpenChain for different sectors - creating
one sentence explanation of value

On sreda, 23. maj 2018 09:57:28 CEST Shane Coughlan wrote:
SaaS
- Help wanted!
How about something in the line:
“OpenChain helps SaaS providers to provide the needed information on
their client-side software in order to comply with the key international
Open Source license compliance processes.”

…I’m not 100% happy with it, but offer it for butchering.

For the reasoning behind it, I’m copying from my reply from the openchain-
specs list re FOSS compliance risks in SaaS:

SaaS:
• least risky, as code is in generally not distributed (NB: AGPL, EUPL) •
caveat: client-side (e.g. JavaScript) code is still traditionally distributed, and
as such fits in that category • (ultra-LTS is not very likely)


cheers,
Matija Šuklje
--
gsm: +386 41 849 552
www: http://matija.suklje.name
xmpp: matija.suklje@...
sip: matija_suklje@...

_______________________________________________
OpenChain mailing list
OpenChain@...
https://lists.linuxfoundation.org/mailman/listinfo/openchain
_______________________________________________
OpenChain mailing list
OpenChain@...
https://lists.linuxfoundation.org/mailman/listinfo/openchain
_______________________________________________
OpenChain mailing list
OpenChain@...
https://lists.linuxfoundation.org/mailman/listinfo/openchain


Shane Coughlan <shanecoughlan@...>
 

Thanks Steve.

I think we might want to introduce new language for containers. I’ll follow up after Oliver’s reply.

Regards

Shane

On May 28, 2018, at 03:48 , Steve Cropper <stcroppe@...> wrote:

Hi All:


Saas can also include compiled java applets that may be deployed to smart IOT devices.

Saas is also complicated by the growing number of package managers such as NPM and Composer, which I would include container technology like Docker in. These allow large numbers of interdependent packages to be downloaded in a very short timeframe mostly assumed to be MIT licensed.

Another issue that exists with JavaScript is minification. In order to make JavaScript deploy efficiently key code artifacts are often removed from original code pre deployment - essentially violating the MIT license. Guidance on how to solve for this may be worthwhile adding to Openchain.

Web site assets should not be overlooked. Integration of code with
images, data (fonts, map info), video, audio etc. that is redistributed via client download would be worth highlighting as part of the standard.

Lastly, IOT can be aligned to some extent with Consumer electronics. Most IOT devices will likely be produced at scale by Asian based ODMs. This is probably the largest risk area for open source management and was the initial source of problems that Led to the Linksys lawsuit. Of course IOT is also enabled by Saas applications so there are potential integration management processes to consider.

Cheers
Steve

On Sun, May 27, 2018 at 11:20 Jan Thielscher <jan.thielscher@...> wrote:
Hi Gary,

I can confirm this to be a common case. Both situations appear quiet often.
I would want to add one more case: changing circumstances. there are only few projects I came across, that did not change scope over time. Parts of the solution suddenly should be shared with others, solution should be transferred to another legal entity, a solution should be shipped inside a VM,...
without a structured approach, it is an enormous effort to clarify options and consequnces.

Mit freundlichem Gruß / kind regards
Jan Thielscher

EACG GmbH - s.a. http://www.eacg.de
T: +49 69 153 22 77 50

On 25. May 2018, at 17:56, Gary O'Neall <gary@...> wrote:

For SaaS - the client-side software is the most common and compelling reason to use OpenChain. My only suggestion is to elaborate a bit more on "client-side software". I would propose adding "(e.g. browser-based software or agents downloaded by the user)".

There are two other less common situations requiring open source policy updates which my clients have run into:
- Deciding to offer an "on premise" solution for security sensitive customers where the server software is deployed to their customer premises
- A sale/acquisition involving the transfer of assets which would include the server-side software

I don't know if either of these are common enough to include, but I though I would put them out there for consideration.

Gary

-----Original Message-----
From: openchain-bounces@... <openchain-
bounces@...> On Behalf Of Matija Šuklje
Sent: Friday, May 25, 2018 8:11 AM
To: openchain@...
Subject: Re: [OpenChain] Value of OpenChain for different sectors - creating
one sentence explanation of value

On sreda, 23. maj 2018 09:57:28 CEST Shane Coughlan wrote:
SaaS
- Help wanted!
How about something in the line:
“OpenChain helps SaaS providers to provide the needed information on
their client-side software in order to comply with the key international
Open Source license compliance processes.”

…I’m not 100% happy with it, but offer it for butchering.

For the reasoning behind it, I’m copying from my reply from the openchain-
specs list re FOSS compliance risks in SaaS:

SaaS:
• least risky, as code is in generally not distributed (NB: AGPL, EUPL) •
caveat: client-side (e.g. JavaScript) code is still traditionally distributed, and
as such fits in that category • (ultra-LTS is not very likely)


cheers,
Matija Šuklje
--
gsm: +386 41 849 552
www: http://matija.suklje.name
xmpp: matija.suklje@...
sip: matija_suklje@...

_______________________________________________
OpenChain mailing list
OpenChain@...
https://lists.linuxfoundation.org/mailman/listinfo/openchain
_______________________________________________
OpenChain mailing list
OpenChain@...
https://lists.linuxfoundation.org/mailman/listinfo/openchain
_______________________________________________
OpenChain mailing list
OpenChain@...
https://lists.linuxfoundation.org/mailman/listinfo/openchain
_______________________________________________
OpenChain mailing list
OpenChain@...
https://lists.linuxfoundation.org/mailman/listinfo/openchain


Steve Cropper
 

Yes, I agree.

On Thu, May 31, 2018 at 10:44 Shane Coughlan <shanecoughlan@...> wrote:
Thanks Steve.

I think we might want to introduce new language for containers. I’ll follow up after Oliver’s reply.

Regards

Shane

> On May 28, 2018, at 03:48 , Steve Cropper <stcroppe@...> wrote:
>
> Hi All:
>
>
> Saas can also include compiled java applets that may be deployed to smart IOT devices.
>
> Saas is also complicated by the growing number of package managers such as NPM and Composer, which I would include container technology like Docker in. These allow large numbers of interdependent packages to be downloaded in a very short timeframe mostly assumed to be MIT licensed.
>
> Another issue that exists with JavaScript is minification. In order to make JavaScript deploy efficiently key code artifacts are often removed from original code pre deployment - essentially violating the MIT license. Guidance on how to solve for this may be worthwhile adding to Openchain.
>
> Web site assets should not be overlooked. Integration of code with
> images, data (fonts, map info), video, audio etc. that is redistributed via client download would be worth highlighting as part of the standard.
>
> Lastly, IOT can be aligned to some extent with Consumer electronics. Most IOT devices will likely be produced at scale by Asian based ODMs. This is probably the largest risk area for open source management and was the initial source of problems that Led to the Linksys lawsuit. Of course IOT is also enabled by Saas applications so there are potential integration management processes to consider.
>
> Cheers
> Steve
>
> On Sun, May 27, 2018 at 11:20 Jan Thielscher <jan.thielscher@...> wrote:
> Hi Gary,
>
> I can confirm this to be a common case. Both situations appear quiet often.
> I would want to add one more case: changing circumstances. there are only few projects I came across, that did not change scope over time. Parts of the solution suddenly should be shared with others, solution should be transferred to another legal entity, a solution should be shipped inside a VM,...
> without a structured approach, it is an enormous effort to clarify options and consequnces.
>
> Mit freundlichem Gruß / kind regards
> Jan Thielscher
>
> EACG GmbH - s.a. http://www.eacg.de
> T: +49 69 153 22 77 50
>
> On 25. May 2018, at 17:56, Gary O'Neall <gary@...> wrote:
>
>> For SaaS - the client-side software is the most common and compelling reason to use OpenChain.  My only suggestion is to elaborate a bit more on "client-side software".  I would propose adding "(e.g. browser-based software or agents downloaded by the user)".
>>
>> There are two other less common situations requiring open source policy updates which my clients have run into:
>> - Deciding to offer an "on premise" solution for security sensitive customers where the server software is deployed to their customer premises
>> - A sale/acquisition involving the transfer of assets which would include the server-side software
>>
>> I don't know if either of these are common enough to include, but I though I would put them out there for consideration. 
>>
>> Gary
>>
>>> -----Original Message-----
>>> From: openchain-bounces@... <openchain-
>>> bounces@...> On Behalf Of Matija Šuklje
>>> Sent: Friday, May 25, 2018 8:11 AM
>>> To: openchain@...
>>> Subject: Re: [OpenChain] Value of OpenChain for different sectors - creating
>>> one sentence explanation of value
>>>
>>> On sreda, 23. maj 2018 09:57:28 CEST Shane Coughlan wrote:
>>>> SaaS
>>>> - Help wanted!
>>>
>>> How about something in the line:
>>> “OpenChain helps SaaS providers to provide the needed information on
>>> their client-side software in order to comply with the key international
>>> Open Source license compliance processes.”
>>>
>>> …I’m not 100% happy with it, but offer it for butchering.
>>>
>>> For the reasoning behind it, I’m copying from my reply from the openchain-
>>> specs list re FOSS compliance risks in SaaS:
>>>
>>> SaaS:
>>> • least risky, as code is in generally not distributed (NB: AGPL, EUPL) •
>>> caveat: client-side (e.g. JavaScript) code is still traditionally distributed, and
>>> as such fits in that category • (ultra-LTS is not very likely)
>>>
>>>
>>> cheers,
>>> Matija Šuklje
>>> --
>>> gsm:    +386 41 849 552
>>> www:    http://matija.suklje.name
>>> xmpp:   matija.suklje@...
>>> sip:    matija_suklje@...
>>>
>>> _______________________________________________
>>> OpenChain mailing list
>>> OpenChain@...
>>> https://lists.linuxfoundation.org/mailman/listinfo/openchain
>>
>> _______________________________________________
>> OpenChain mailing list
>> OpenChain@...
>> https://lists.linuxfoundation.org/mailman/listinfo/openchain
> _______________________________________________
> OpenChain mailing list
> OpenChain@...
> https://lists.linuxfoundation.org/mailman/listinfo/openchain
> _______________________________________________
> OpenChain mailing list
> OpenChain@...
> https://lists.linuxfoundation.org/mailman/listinfo/openchain


Shane Coughlan <coughlan@...>
 

Hi OIiver

If we went with combined perhaps this for SaaS and containers:
"OpenChain helps SaaS providers manage client-side, on-premise, M&A use cases in order to comply with the key international Open Source
license compliance processes.”

If we kept containers separate perhaps this:
"OpenChain helps container providers address on-premise or remote use cases in order to comply with the key international Open Source
license compliance processes.”

Shane

On May 29, 2018, at 17:16 , Fendt, Oliver <oliver.fendt@...> wrote:

Hi all,

Shanes email, brought another topic to my mind.
How about all this "docker container shipping around the world" is license compliance when making docker container available to others also a topic for OpenChain?

Sorry if this was already discussed

Ciao
Oliver

-----Ursprüngliche Nachricht-----
Von: openchain-bounces@... [mailto:openchain-bounces@...] Im Auftrag von Shane Coughlan
Gesendet: Mittwoch, 23. Mai 2018 09:57
An: openchain@...
Betreff: [OpenChain] Value of OpenChain for different sectors - creating one sentence explanation of value

Dear all

This was a thought experiment from a while back that I believe may be useful to revisit. Input most welcome.

Consumer Electronics
OpenChain helps the suppliers provide hardware, software or integrated components while following key international Open Source license compliance processes.

Automotive
OpenChain helps Tier 1, 2 and 3 suppliers to adopt key international Open Source license compliance processes.

Enterprise
OpenChain helps to ensure that suppliers of all sizes adhere to key international Open Source license compliance processes.

SaaS
- Help wanted!

IoT
- Help wanted!

Regards

Shane

--
Shane Coughlan
OpenChain Project Director
e: coughlan@...
p: +81 (0) 80 4035 8083
w: www.openchainproject.org

Professional profile: http://www.linkedin.com/in/shanecoughlan

Get my free book on open source compliance here:
https://www.linuxfoundation.org/news-media/research/practical-gpl-compliance

_______________________________________________
OpenChain mailing list
OpenChain@...
https://lists.linuxfoundation.org/mailman/listinfo/openchain


Oliver Fendt
 

Hi Shane,

thank you for your reply.
I would love to keep the container stuff separated from the SaaS thing.
This makes it clear that we have this topic on the agenda and that we address this.

Ciao
Oliver

-----Ursprüngliche Nachricht-----
Von: Shane Coughlan [mailto:coughlan@...]
Gesendet: Donnerstag, 31. Mai 2018 11:47
An: Fendt, Oliver (CT RDA SSI)
Cc: openchain@...
Betreff: Re: [OpenChain] Value of OpenChain for different sectors - creating one sentence explanation of value

Hi OIiver

If we went with combined perhaps this for SaaS and containers:
"OpenChain helps SaaS providers manage client-side, on-premise, M&A use cases in order to comply with the key international Open Source license compliance processes.”

If we kept containers separate perhaps this:
"OpenChain helps container providers address on-premise or remote use cases in order to comply with the key international Open Source license compliance processes.”

Shane

On May 29, 2018, at 17:16 , Fendt, Oliver <oliver.fendt@...> wrote:

Hi all,

Shanes email, brought another topic to my mind.
How about all this "docker container shipping around the world" is license compliance when making docker container available to others also a topic for OpenChain?

Sorry if this was already discussed

Ciao
Oliver

-----Ursprüngliche Nachricht-----
Von: openchain-bounces@...
[mailto:openchain-bounces@...] Im Auftrag von
Shane Coughlan
Gesendet: Mittwoch, 23. Mai 2018 09:57
An: openchain@...
Betreff: [OpenChain] Value of OpenChain for different sectors -
creating one sentence explanation of value

Dear all

This was a thought experiment from a while back that I believe may be useful to revisit. Input most welcome.

Consumer Electronics
OpenChain helps the suppliers provide hardware, software or integrated components while following key international Open Source license compliance processes.

Automotive
OpenChain helps Tier 1, 2 and 3 suppliers to adopt key international Open Source license compliance processes.

Enterprise
OpenChain helps to ensure that suppliers of all sizes adhere to key international Open Source license compliance processes.

SaaS
- Help wanted!

IoT
- Help wanted!

Regards

Shane

--
Shane Coughlan
OpenChain Project Director
e: coughlan@...
p: +81 (0) 80 4035 8083
w: www.openchainproject.org

Professional profile: http://www.linkedin.com/in/shanecoughlan

Get my free book on open source compliance here:
https://www.linuxfoundation.org/news-media/research/practical-gpl-comp
liance

_______________________________________________
OpenChain mailing list
OpenChain@...
https://lists.linuxfoundation.org/mailman/listinfo/openchain


Shane Coughlan <coughlan@...>
 

Hi Oliver, all

Here is my spin on the value of our project for different sectors, SaaS and containers split apart. Good to go?

Consumer Electronics
OpenChain helps the suppliers provide hardware, software or integrated components while following key international Open Source license compliance processes.

Automotive
OpenChain helps Tier 1, 2 and 3 suppliers to adopt key international Open Source license compliance processes.

Enterprise
OpenChain helps to ensure that suppliers of all sizes adhere to key international Open Source license compliance processes.

SaaS:
OpenChain helps providers ensure remote code distribution is governed by key international Open Source license compliance processes.

Containers:
OpenChain helps providers manage on-premise or remote deployments using key international Open Source license compliance processes.

Regards

Shane

On Jun 1, 2018, at 20:55, Fendt, Oliver <oliver.fendt@...> wrote:

Hi Shane,

thank you for your reply.
I would love to keep the container stuff separated from the SaaS thing.
This makes it clear that we have this topic on the agenda and that we address this.

Ciao
Oliver

-----Ursprüngliche Nachricht-----
Von: Shane Coughlan [mailto:coughlan@...]
Gesendet: Donnerstag, 31. Mai 2018 11:47
An: Fendt, Oliver (CT RDA SSI)
Cc: openchain@...
Betreff: Re: [OpenChain] Value of OpenChain for different sectors - creating one sentence explanation of value

Hi OIiver

If we went with combined perhaps this for SaaS and containers:
"OpenChain helps SaaS providers manage client-side, on-premise, M&A use cases in order to comply with the key international Open Source license compliance processes.”

If we kept containers separate perhaps this:
"OpenChain helps container providers address on-premise or remote use cases in order to comply with the key international Open Source license compliance processes.”

Shane

On May 29, 2018, at 17:16 , Fendt, Oliver <oliver.fendt@...> wrote:

Hi all,

Shanes email, brought another topic to my mind.
How about all this "docker container shipping around the world" is license compliance when making docker container available to others also a topic for OpenChain?

Sorry if this was already discussed

Ciao
Oliver

-----Ursprüngliche Nachricht-----
Von: openchain-bounces@...
[mailto:openchain-bounces@...] Im Auftrag von
Shane Coughlan
Gesendet: Mittwoch, 23. Mai 2018 09:57
An: openchain@...
Betreff: [OpenChain] Value of OpenChain for different sectors -
creating one sentence explanation of value

Dear all

This was a thought experiment from a while back that I believe may be useful to revisit. Input most welcome.

Consumer Electronics
OpenChain helps the suppliers provide hardware, software or integrated components while following key international Open Source license compliance processes.

Automotive
OpenChain helps Tier 1, 2 and 3 suppliers to adopt key international Open Source license compliance processes.

Enterprise
OpenChain helps to ensure that suppliers of all sizes adhere to key international Open Source license compliance processes.

SaaS
- Help wanted!

IoT
- Help wanted!

Regards

Shane

--
Shane Coughlan
OpenChain Project Director
e: coughlan@...
p: +81 (0) 80 4035 8083
w: www.openchainproject.org

Professional profile: http://www.linkedin.com/in/shanecoughlan

Get my free book on open source compliance here:
https://www.linuxfoundation.org/news-media/research/practical-gpl-comp
liance

_______________________________________________
OpenChain mailing list
OpenChain@...
https://lists.linuxfoundation.org/mailman/listinfo/openchain


Matija Šuklje
 

On petek, 08. junij 2018 02:58:44 CEST Shane Coughlan wrote:
Here is my spin on the value of our project for different sectors, SaaS and
containers split apart. Good to go?
Looks good to me.

SaaS:
OpenChain helps providers ensure remote code distribution is governed by key
international Open Source license compliance processes.
I’m not 100% sure that everyone will understand the “remote code distribution”
part, but looks good enough to me :)


cheers,
Matija Šuklje
--
gsm: +386 41 849 552
www: http://matija.suklje.name
xmpp: matija.suklje@...
sip: matija_suklje@...


Shane Coughlan <coughlan@...>
 

Maybe we can adjust SaaS to:
“OpenChain helps providers ensure any code distribution is governed by key
international Open Source license compliance processes.”?

Shane 

On 13 Jun 2018, at 13:18, Matija Šuklje <matija@...> wrote:

On petek, 08. junij 2018 02:58:44 CEST Shane Coughlan wrote:
Here is my spin on the value of our project for different sectors, SaaS and
containers split apart. Good to go?

Looks good to me.

SaaS:
OpenChain helps providers ensure remote code distribution is governed by key
international Open Source license compliance processes.

I’m not 100% sure that everyone will understand the “remote code distribution”
part, but looks good enough to me :)


cheers,
Matija Šuklje
--
gsm:    +386 41 849 552
www:    http://matija.suklje.name
xmpp:   matija.suklje@...
sip:    matija_suklje@...

_______________________________________________
OpenChain mailing list
OpenChain@...
https://lists.linuxfoundation.org/mailman/listinfo/openchain


Matija Šuklje
 

On sreda, 13. junij 2018 15:44:35 CEST Shane Coughlan wrote:
“OpenChain helps providers ensure any code distribution is governed by key
international Open Source license compliance processes.”?
I almost liked the version with “remote code distribution” slightly better. I
don’t have strong feelings either way though.


cheers,
Matija Šuklje
--
gsm: +386 41 849 552
www: http://matija.suklje.name
xmpp: matija.suklje@...
sip: matija_suklje@...


Shane Coughlan <coughlan@...>
 

Hi Matija

On Jun 15, 2018, at 04:16 , Matija Šuklje <matija@...> wrote:

On sreda, 13. junij 2018 15:44:35 CEST Shane Coughlan wrote:
“OpenChain helps providers ensure any code distribution is governed by key
international Open Source license compliance processes.”?
I almost liked the version with “remote code distribution” slightly better. I
don’t have strong feelings either way though.
Let’s return to the favorite. Every part of this project should be loved!

Consumer Electronics
OpenChain helps the suppliers provide hardware, software or integrated components while following key international Open Source license compliance processes.

Automotive
OpenChain helps Tier 1, 2 and 3 suppliers to adopt key international Open Source license compliance processes.

Enterprise
OpenChain helps to ensure that suppliers of all sizes adhere to key international Open Source license compliance processes.

SaaS:
OpenChain helps providers ensure any remote code distribution is governed by key international Open Source license compliance processes.

Containers:
OpenChain helps providers manage on-premise or remote deployments using key international Open Source license compliance processes.

I am going to start testing this more widely and then make a handout.

Any comments or suggestions welcome.

Regards

Shane